home *** CD-ROM | disk | FTP | other *** search
- DES 3 "24 March 1987"
-
- desinit, setkey, endes, dedes, desdone - DES encryption
- SYNOPSIS
-
- desinit(mode)
- int mode;
-
- setkey(key)
- char *key;
-
- endes(block)
- char *block;
-
- dedes(block)
- char *block;
-
- desdone()
- DESCRIPTION
- These routines implement both standard and modified forms of the NBS Data
- Encryption Standard (DES). The user must first call
- desinit
- with one of three operating modes:
-
- 0 - Standard, vanilla DES.
-
- 1 - DES with the initial and final permutations removed.
- As these permutations do not strengthen the algorithm,
- they are widely regarded as having no purpose other than to slow
- down software implementations.
- Removing them speeds it up but of course the algorithm is no longer standard
- and it will not be compatible with hardware DES chips.
-
- 2 - DES with the initial and final permutations removed, and with independent
- 48-bit subkeys for each of the 16 rounds. Needless to say this is even
- less standard than mode 1, but if properly used (randomize ALL key bytes --
- no padding!) it should strengthen the algorithm.
-
- After calling desinit the user next calls setkey.
- In modes 0 and 1, 8 key bytes are expected, with the low order bit of
- each key byte ignored (parity is not checked). This gives a 56-bit key.
- In mode 2, 128 key bytes are expected; the high order 2 bits of each byte are
- ignored, giving a 768 bit key.
- In this mode, the first 8 bytes will be used in the first round, the
- second 8 bytes in the second round, and so on.
-
- Once the key is set, the user may perform in-place encryption and decryption
- of 8-byte blocks of data with calls to endes and dedes.
-
- To free up memory dynamically allocated by desinit the user may call desdone.
- If further encryption or decryption is to be done, desinit and setkey must be
- called again.
-
- AUTHOR
- Phil Karn, KA9Q, building heavily on the earlier public domain code
- by Jim Gillogly.
-
-
-
